Skift Travel News Blog

IHG (InterContinental Hotels Group), one of the world’s largest hotel companies, issued a statement on Tuesday that said it was investigating unauthorized access to parts of the company’s technology systems.

The UK-based company, which manages brands such as Holiday Inn and Crowne Plaza, said its “booking channels and other applications” had been disrupted since yesterday. It uses many external vendors, including Amadeus, to help with accepting reservations from third parties and other processes.

“IHG is working to fully restore all systems as soon as possible,” the company said. “We will be supporting hotel owners and operators as part of our response to the ongoing service disruption. IHG’s hotels are still able to operate and to take reservations directly.”

IHG didn’t say there had been any loss of customer data. Europe has strict laws that hold companies responsible for allowing customer data to be stolen by bad actors.

Hotel giant Marriott International has suffered a data breach, with hackers stealing 20 gigabytes of sensitive information, including guests’ credit card information.

In 2020, Marriott notified 5 million guests their information was compromised through an app used to provide services at hotels.

This event is on a smaller scale, as according to a report by DataBreaches the incident, which took place in June, saw an as-yet unidentified group claim they used “social engineering” — where hackers trick someone into performing an action or divulging confidential information — to access a computer at the BWI Airport Marriott Maryland.

The hotel is described as “modern, convenient and superbly situated” and is a popular layover for flight crews — leaked documents include reservations made by airlines for their employees.

Names and details of other guests, including credit card information used to make bookings, have also been leaked, and Marriott is reportedly notifying up to 400 individuals of the attack, although it’s unclear if they are mostly guests or Marriott’s own staff.

“Marriott International is aware of a threat actor who used social engineering to trick one associate at a single Marriott hotel into providing access to the associate’s computer. The threat actor did not gain access to Marriott’s core network,” a Marriott spokesperson told TechCrunch.

It is unclear whether ransom money was demanded.

Earlier this month Israel’s Gol Tours Ltd suffered a cyber attack that saw 30,000 profiles leaked.

UPDATE: In a statement to Skift on Thursday, a Marriott International spokesperson said:

“Marriott International is aware of a threat actor who used social engineering to trick one associate at a single Marriott hotel into providing access to the associate’s computer. The threat actor did not gain access to Marriott’s core network. Our investigation determined that the information accessed primarily contained non-sensitive internal business files regarding the operation of the property. The incident was contained to a short period of time. Marriott identified and was investigating the incident before the threat actor contacted the company in an extortion attempt, which Marriott did not pay. The company is preparing to notify 300-400 individuals regarding the incident. Marriott has also notified law enforcement and is supporting their investigation.”

The Israeli government has seized the computer servers of a tour operator after hackers obtained the personal information of 300,000 people.

According to local reports, the government’s Privacy Protection Authority division took action against Gol Tours Ltd after a cyber attack more than two weeks ago.

Gol Tours operates 20 travel booking websites, including hotel4u.co.il, booking-hotels.co.il and come2israel.com The leaked information includes telephone numbers, addresses, dates and locations of booked vacations, and medical information, the authority said in a statement according to the Times of Israel.

The authority said it contacted the owner of Gol Tours following the hack to address the security flaws, but it did not cooperate. “The required changes were not made,” the authority reportedly said.

The owners rejected the claims, another news website, Channel 12, reported.

Iranian hacker group Sharp Boys was behind the attack, according to local media.

Travel companies have a long history of being subject to ransomware attacks.

In 2020, corporate travel giant CWT paid $4.5 million in ransom to cyber hackers. Some 30,000 computer systems were infected and locked.

On Monday, Reuters reported that the Shanghai police may have been attacked, resulting in a potential data breach affecting one billion Chinese citizens.